Linux Security News
SecurityFocus Linux Newsletter #441 Jun 18 2009 10:29PM
sfa securityfocus com
SecurityFocus Linux Newsletter #441
----------------------------------------

This issue is sponsored by VeriSign

VeriSign EV SSL Certificates for your sites' security turn the address bar in high security browsers green which helps your customers know they are safe on your site.

http://ad.doubleclick.net/clk;215510129;37701658;c

------------------------------------------------------------------
I. FRONT AND CENTER
1. Hacker-Tool Law Still Does Little
2. A Botnet by Any Other Name
II. LINUX VULNERABILITY SUMMARY
1. Rasterbar Software libtorrent Arbitrary File Overwrite Vulnerability
2. Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
3. Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities
4. MoinMoin Hierarchical ACL Security Bypass Vulnerability
5. Mozilla Firefox Large GIF File Background Denial of Service Vulnerability
6. Linux Kernel RTL8169 NIC Remote Denial of Service Vulnerability
7. Adobe Reader and Acrobat U3D Model Remote Stack Buffer Overflow Vulnerability
8. Adobe Reader and Acrobat Unspecified Memory Corruption Vulnerability
9. Adobe Reader and Acrobat JBIG Halftone Region Grid Area Remote Heap Buffer Overflow Vulnerability
10. Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
11. Adobe Reader and Acrobat FlateDecode Filter Integer Overflow Vulnerability
12. Adobe Reader and Acrobat Multiple Unspecified Remote Heap Buffer Overflow Vulnerabilities
13. Adobe Reader and Acrobat TrueType Font Handling Memory Corruption Vulnerability
14. Adobe Reader and Acrobat JBIG2 Filter Unspecified Memory Corruption Vulnerability
15. Adobe Reader and Acrobat JBIG 'Pattern Dictionary' Remote Heap Buffer Overflow Vulnerability
16. Adobe Reader & Acrobat JBIG Pattern Dictionary Allocation Remote Heap Buffer Overflow Vulnerability
17. Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
18. Adobe Reader and Acrobat Huffman-encoded JBIG2 Text Heap Overflow Vulnerability
19. Adobe Reader and Acrobat JBIG Segments 'Text Region' Memory Corruption Vulnerability
20. Multiple Symantec Products RAR/TAR/ZIP File Scan Evasion Vulnerability
21. Multiple F-PROT Products TAR File Scan Evasion Vulnerability
22. Multiple Norman Products RAR/CAB File Scan Evasion Vulnerability
23. Mozilla Firefox 'NPObject' Access Remote Code Execution Vulnerability
24. SugarCRM Email Attachment Arbitrary File Upload Vulnerability
25. Multiple Kaspersky Products PDF File Scan Evasion Vulnerability
26. Mozilla Firefox/Thunderbird/SeaMonkey Multiple Browser Engine Memory Corruption Vulnerabilities
27. Mozilla Firefox/Thunderbird/SeaMonkey Double Frame Construction Memory Corruption Vulnerability
28. Mozilla Firefox/Thunderbird/SeaMonkey Multiple JavaScript Engine Memory Corruption Vulnerabilities
29. Mozilla Firefox and SeaMonkey JavaScript Chrome Privilege Escalation Vulnerability
30. Mozilla Firefox/Thunderbird/SeaMonkey XUL Scripts Content-Policy Check Security Bypass Vulnerability
31. Multiple Browser Malicious Proxy HTTPS Man In The Middle Vulnerability
32. Sun Java Runtime Environment Aqua Look and Feel Privilege Escalation Vulnerability
33. Mozilla Firefox/Thunderbird/SeaMonkey Null Owner Document Arbitrary Code Execution Vulnerability
34. Mozilla Firefox/Thunderbird/SeaMonkey 'file://' URI Security Bypass Vulnerability
35. Mozilla Firefox and SeaMonkey Address Bar URI Spoofing Vulnerability
36. Mozilla Firefox/SeaMonkey 'file://' URI Information Disclosure Vulnerability
37. Computer Associates ARCserve Backup Message Engine Denial of Service Vulnerability
38. RETIRED: Sun Java Runtime Environment Aqua Look and Feel Privilege Escalation Vulnerability
39. Multiple Sophos Products CAB File Scan Evasion Vulnerability
40. Multiple Browsers Cached Certificate HTTP Site Spoofing Vulnerability
41. Mozilla Firefox 'nsViewManager.cpp' Denial of Service Vulnerability
42. Multiple F-PROT Products RAR/ARJ/LHA/LZH File Scan Evasion Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Hacker-Tool Law Still Does Little
By Mark Rasch
On August 10, 2007, a new section of the German Penal code went into effect. The statute, intended to implement certain provisions of the Council of Europe Treaty on Cybercrime, could be interpreted to make the creation or distribution of computer security software a criminal offense.
http://www.securityfocus.com/columnists/502

2. A Botnet by Any Other Name
By Gubter Ollmann
The news has been awash the last few weeks with fears over globe-spanning botnets and their criminal intent: Conficker managed to hog the limelight for well over a month, and then came Finjan's disclosure of a previously unknown - and currently unnamed - botnet consisting of some 1.9 million malicious agents.
http://www.securityfocus.com/columnists/501

II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Rasterbar Software libtorrent Arbitrary File Overwrite Vulnerability
BugTraq ID: 35262
Remote: Yes
Date Published: 2009-06-08
Relevant URL: http://www.securityfocus.com/bid/35262
Summary:
The 'libtorrent' library is prone to a vulnerability that may allow remote attackers to overwrite arbitrary local files. This may result in a denial-of-service condition or aid in further attacks.

This issue affects versions prior to libtorrent 0.14.4.

2. Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
BugTraq ID: 35263
Remote: Yes
Date Published: 2009-06-08
Relevant URL: http://www.securityfocus.com/bid/35263
Summary:
Apache Tomcat is prone to a remote information-disclosure vulnerability.

Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

The following versions of Apache Tomcat are vulnerable:

6.0.0-6.0.18
5.5.0-5.5.27
4.1.0-4.1.39

3. Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities
BugTraq ID: 35274
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35274
Summary:
Adobe Reader and Acrobat are prone to multiple remote vulnerabilities.

An attacker can exploit these issues by tricking a victim into opening a malicious file to execute arbitrary code and to cause denial-of-service conditions.

The following individual records have been created to better document some of these issues:

35298 Adobe Reader and Acrobat JBIG2 Filter Unspecified Memory Corruption Vulnerability
35295 Adobe Reader and Acrobat Multiple Unspecified Remote Heap Buffer Overflow Vulnerabilities
35294 Adobe Reader and Acrobat 9.1.1 and Prior Integer Overflow Vulnerability
35296 Adobe Reader and Acrobat 9.1.1 and Prior Unspecified Memory Corruption Vulnerability
35289 Adobe Reader and Acrobat Unspecified Memory Corruption Vulnerability
35293 Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
35291 Adobe Reader and Acrobat JBIG Halftone Region Grid Area Remote Heap Buffer Overflow Vulnerability
35282 Adobe Reader and Acrobat U3D Model Remote Stack Buffer Overflow Vulnerability
35299 Adobe Reader and Acrobat JBIG 'Pattern Dictionary' Remote Heap Buffer Overflow Vulnerability
35300 Adobe Reader & Acrobat JBIG Pattern Dictionary Allocation Remote Heap Buffer Overflow Vulnerability
35301 Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
35302 Adobe Reader and Acrobat Huffman-encoded JBIG2 Text Heap Overflow Vulnerability
35303 Adobe Reader and Acrobat JBIG Segments 'Text Region' Memory Corruption Vulnerability

The vendor reports other unspecified security issues have also been addressed. Information regarding these issues is currently not available. We will update this BID as more information emerges.

4. MoinMoin Hierarchical ACL Security Bypass Vulnerability
BugTraq ID: 35277
Remote: Yes
Date Published: 2009-06-10
Relevant URL: http://www.securityfocus.com/bid/35277
Summary:
MoinMoin is prone to a security-bypass vulnerability.

Successful exploits will allow attackers to bypass certain security restrictions and gain unauthorized access to restricted sub-pages. This may aid in further attacks.

This issue affects MoinMoin 1.8.3; other versions may also be affected.

5. Mozilla Firefox Large GIF File Background Denial of Service Vulnerability
BugTraq ID: 35280
Remote: Yes
Date Published: 2009-06-10
Relevant URL: http://www.securityfocus.com/bid/35280
Summary:
Mozilla Firefox is prone to a remote denial-of-service vulnerability.

Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions.

Firefox 3.0.10 is affected; other versions mat also be vulnerable.

6. Linux Kernel RTL8169 NIC Remote Denial of Service Vulnerability
BugTraq ID: 35281
Remote: Yes
Date Published: 2009-06-10
Relevant URL: http://www.securityfocus.com/bid/35281
Summary:
The Linux Kernel is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the system, denying service to legitimate users.
Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed.

Versions prior to Linux Kernel 2.6.30 are vulnerable.

7. Adobe Reader and Acrobat U3D Model Remote Stack Buffer Overflow Vulnerability
BugTraq ID: 35282
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35282
Summary:
Adobe Reader and Acrobat are prone to a remote stack-based buffer-overflow vulnerability because they fail to adequately bounds-check user-supplied data.

An attacker can exploit this issue by tricking a victim into opening a malicious file to execute arbitrary code and to cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

8. Adobe Reader and Acrobat Unspecified Memory Corruption Vulnerability
BugTraq ID: 35289
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35289
Summary:
Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability.

Exploiting this issue will allow remote attackers to execute arbitrary code within the context of the affected application or crash the application.

NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

9. Adobe Reader and Acrobat JBIG Halftone Region Grid Area Remote Heap Buffer Overflow Vulnerability
BugTraq ID: 35291
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35291
Summary:
Adobe Reader and Acrobat are prone to a remote heap-based buffer-overflow vulnerability because they fail to sufficiently sanitize user-supplied input.

An attacker can exploit this issue by tricking a victim into opening a malicious file to execute arbitrary code and to cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

10. Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
BugTraq ID: 35293
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35293
Summary:
Adobe Reader and Acrobat are prone to a remote heap-based buffer-overflow vulnerability because they fail to sufficiently sanitize user-supplied input.

An attacker can exploit this issue by tricking a victim into opening a malicious file to execute arbitrary code and to cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

11. Adobe Reader and Acrobat FlateDecode Filter Integer Overflow Vulnerability
BugTraq ID: 35294
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35294
Summary:
Adobe Reader and Acrobat are prone to an integer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

12. Adobe Reader and Acrobat Multiple Unspecified Remote Heap Buffer Overflow Vulnerabilities
BugTraq ID: 35295
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35295
Summary:
Adobe Reader and Acrobat are prone to multiple remote heap-based buffer-overflow vulnerabilities because they fail to sufficiently sanitize user-supplied input.

An attacker can exploit these issues by tricking a victim into opening a malicious file to execute arbitrary code and to cause denial-of-service conditions.

NOTE: These issues were previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned their own record to better document the issues.

13. Adobe Reader and Acrobat TrueType Font Handling Memory Corruption Vulnerability
BugTraq ID: 35296
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35296
Summary:
Adobe Reader and Acrobat are prone to a memory-corruption vulnerability.

An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

14. Adobe Reader and Acrobat JBIG2 Filter Unspecified Memory Corruption Vulnerability
BugTraq ID: 35298
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35298
Summary:
Adobe Reader and Acrobat are prone to an unspecified memory-corruption vulnerability.

An attacker can exploit this issue by tricking a victim into opening a malicious file to execute arbitrary code and to cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

15. Adobe Reader and Acrobat JBIG 'Pattern Dictionary' Remote Heap Buffer Overflow Vulnerability
BugTraq ID: 35299
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35299
Summary:
Adobe Reader and Acrobat are prone to a remote heap-based buffer-overflow vulnerability because they fail to sufficiently sanitize user-supplied input.

An attacker can exploit this issue by tricking a victim into opening a malicious file to execute arbitrary code and to cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

16. Adobe Reader & Acrobat JBIG Pattern Dictionary Allocation Remote Heap Buffer Overflow Vulnerability
BugTraq ID: 35300
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35300
Summary:
Adobe Reader and Acrobat are prone to a remote heap-based buffer-overflow vulnerability because they fail to sufficiently sanitize user-supplied input.

An attacker can exploit this issue by tricking a victim into opening a malicious file to execute arbitrary code and to cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

17. Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
BugTraq ID: 35301
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35301
Summary:
Adobe Reader and Acrobat are prone to a remote heap-based buffer-overflow vulnerability because they fail to sufficiently sanitize user-supplied input.

An attacker can exploit this issue by tricking a victim into opening a malicious file to execute arbitrary code and to cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

18. Adobe Reader and Acrobat Huffman-encoded JBIG2 Text Heap Overflow Vulnerability
BugTraq ID: 35302
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35302
Summary:
Adobe Reader and Acrobat are prone to a heap-based buffer-overflow vulnerability.

An attacker can exploit these issues by tricking a victim into opening a malicious file to execute arbitrary code and to cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

19. Adobe Reader and Acrobat JBIG Segments 'Text Region' Memory Corruption Vulnerability
BugTraq ID: 35303
Remote: Yes
Date Published: 2009-06-09
Relevant URL: http://www.securityfocus.com/bid/35303
Summary:
Adobe Reader and Acrobat are prone to a memory corruption vulnerability.

An attacker can exploit these issues by tricking a victim into opening a malicious file to execute arbitrary code and to cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35274 (Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

20. Multiple Symantec Products RAR/TAR/ZIP File Scan Evasion Vulnerability
BugTraq ID: 35354
Remote: Yes
Date Published: 2009-06-12
Relevant URL: http://www.securityfocus.com/bid/35354
Summary:
Multiple Symantec products are prone to a vulnerability that may allow certain compressed archives to bypass the scan engine.

Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect.

The following products are affected:

Symantec Mail Security for Domino
Symantec Mail Security for Microsoft Exchange
Symantec Mail Security for SMTP
Symantec Brightmail Gateway
Symantec AntiVirus for Network Attached Storage
Symantec AntiVirus for Caching
Symantec AntiVirus for Messaging
Symantec Protection for SharePoint Servers
Symantec Protection Suite
Symantec Scan Engine
Symantec Client Security
Symantec Endpoint Protection
Symantec AntiVirus Corporate Edition
Norton Internet Security
Norton 360
Norton AntiVirus
Norton Systemworks

21. Multiple F-PROT Products TAR File Scan Evasion Vulnerability
BugTraq ID: 35355
Remote: Yes
Date Published: 2009-06-14
Relevant URL: http://www.securityfocus.com/bid/35355
Summary:
Multiple F-PROT products are prone to a vulnerability that may allow certain compressed archives to bypass the scan engine.

Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect.

22. Multiple Norman Products RAR/CAB File Scan Evasion Vulnerability
BugTraq ID: 35357
Remote: Yes
Date Published: 2009-06-08
Relevant URL: http://www.securityfocus.com/bid/35357
Summary:
Multiple Norman products are prone to a vulnerability that may allow certain compressed archives to bypass the scan engine.

Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect.

The following products are affected:

Norman Virus Control single user and corporate versions
Norman Internet Control
Norman Virus Control E-mail plugins
Norman Endpoint Protection
Norman Secuirty Suite
Norman Network Protection

23. Mozilla Firefox 'NPObject' Access Remote Code Execution Vulnerability
BugTraq ID: 35360
Remote: Yes
Date Published: 2009-06-11
Relevant URL: http://www.securityfocus.com/bid/35360
Summary:
Mozilla Firefox is prone to a remote code-execution vulnerability.

Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application or to obtain sensitive information.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

24. SugarCRM Email Attachment Arbitrary File Upload Vulnerability
BugTraq ID: 35361
Remote: Yes
Date Published: 2009-06-13
Relevant URL: http://www.securityfocus.com/bid/35361
Summary:
SugarCRM is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately validate user-supplied input.

An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

The issue affects SugarCRM 5.2.0e; prior versions may also be vulnerable.

25. Multiple Kaspersky Products PDF File Scan Evasion Vulnerability
BugTraq ID: 35365
Remote: Yes
Date Published: 2009-06-13
Relevant URL: http://www.securityfocus.com/bid/35365
Summary:
Multiple Kaspersky products are prone to a vulnerability that may allow certain PDF files to bypass the scan engine.

Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect.

26. Mozilla Firefox/Thunderbird/SeaMonkey Multiple Browser Engine Memory Corruption Vulnerabilities
BugTraq ID: 35370
Remote: Yes
Date Published: 2009-06-11
Relevant URL: http://www.securityfocus.com/bid/35370
Summary:
Mozilla Firefox, Thunderbird, and SeaMonkey are prone to multiple remote memory-corruption vulnerabilities.

An attacker can exploit these issues to corrupt memory on the affected computer and run arbitrary code in the context of the user running the affected application. Failed exploit attempts will cause denial-of-service conditions.

NOTE: In some cases, arbitrary code execution may not be possible.

NOTE: These issues were previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but have been assigned their own record to better document them.

27. Mozilla Firefox/Thunderbird/SeaMonkey Double Frame Construction Memory Corruption Vulnerability
BugTraq ID: 35371
Remote: Yes
Date Published: 2009-06-11
Relevant URL: http://www.securityfocus.com/bid/35371
Summary:
Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a remote memory-corruption vulnerability.

An attacker can exploit these issues to corrupt memory on the affected computer and run arbitrary code in the context of the user running the affected application. Failed exploit attempts will cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

28. Mozilla Firefox/Thunderbird/SeaMonkey Multiple JavaScript Engine Memory Corruption Vulnerabilities
BugTraq ID: 35372
Remote: Yes
Date Published: 2009-06-11
Relevant URL: http://www.securityfocus.com/bid/35372
Summary:
Mozilla Firefox, Thunderbird, and SeaMonkey are prone to multiple remote memory-corruption vulnerabilities.

An attacker can exploit these issues to corrupt memory on the affected computer and run arbitrary code in the context of the user running the affected application. Failed exploit attempts will cause denial-of-service conditions.

NOTE: These issues were previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but have been assigned their own record to better document them.

29. Mozilla Firefox and SeaMonkey JavaScript Chrome Privilege Escalation Vulnerability
BugTraq ID: 35373
Remote: Yes
Date Published: 2009-06-15
Relevant URL: http://www.securityfocus.com/bid/35373
Summary:
Mozilla Firefox and SeaMonkey are prone to a privilege-escalation vulnerability in the browser's sidebar and FeedWriter.

Attackers can exploit this issue to execute arbitrary code with the object's chrome privileges.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

30. Mozilla Firefox/Thunderbird/SeaMonkey XUL Scripts Content-Policy Check Security Bypass Vulnerability
BugTraq ID: 35377
Remote: Yes
Date Published: 2009-06-11
Relevant URL: http://www.securityfocus.com/bid/35377
Summary:
Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a security-bypass vulnerability.

Attackers can exploit this issue to bypass the content-loading policies. The impact of this issue will depend on the reasons behind the content check.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

31. Multiple Browser Malicious Proxy HTTPS Man In The Middle Vulnerability
BugTraq ID: 35380
Remote: Yes
Date Published: 2009-06-11
Relevant URL: http://www.securityfocus.com/bid/35380
Summary:
Multiple web browsers are prone to a man-in-the-middle vulnerability.

Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how sites are rendered to the user. Other attacks are also possible.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

UPDATE (June 17, 2009): This BID had been updated to reflect that the issue affects multiple browsers, not just Mozilla products.

32. Sun Java Runtime Environment Aqua Look and Feel Privilege Escalation Vulnerability
BugTraq ID: 35381
Remote: Yes
Date Published: 2009-06-15
Relevant URL: http://www.securityfocus.com/bid/35381
Summary:
Sun Java Runtime Environment (JRE) is prone to a privilege-escalation vulnerability.

Successful exploits may allow attackers to execute arbitrary code with elevated privileges on affected computers.

This issue affects JRE 1.5 running on Mac OS X 10.5.

33. Mozilla Firefox/Thunderbird/SeaMonkey Null Owner Document Arbitrary Code Execution Vulnerability
BugTraq ID: 35383
Remote: Yes
Date Published: 2009-06-11
Relevant URL: http://www.securityfocus.com/bid/35383
Summary:
Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary JavaScript code with chrome privileges. This may result in elevated privileges or lead to a denial-of-service condition. Other attacks may also be possible.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

34. Mozilla Firefox/Thunderbird/SeaMonkey 'file://' URI Security Bypass Vulnerability
BugTraq ID: 35386
Remote: Yes
Date Published: 2009-06-11
Relevant URL: http://www.securityfocus.com/bid/35386
Summary:
Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a security-bypass vulnerability.

Attackers can exploit this issue to bypass restrictions on reading local files, which may allow them to obtain sensitive information or launch other attacks.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

35. Mozilla Firefox and SeaMonkey Address Bar URI Spoofing Vulnerability
BugTraq ID: 35388
Remote: Yes
Date Published: 2009-06-11
Relevant URL: http://www.securityfocus.com/bid/35388
Summary:
Mozilla Firefox and SeaMonkey are affected by a URI-spoofing vulnerability because they fail to adequately handle user-supplied data.

An attacker may leverage this issue by inserting arbitrary content to spoof a URI presented to an unsuspecting user. This may lead to a false sense of trust because the victim may be presented with a URI of a seemingly trusted site while interacting with the attacker's malicious site.

Versions *prior to* the following are affected:

Firefox 3.0.11
SeaMonkey 1.1.17

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

36. Mozilla Firefox/SeaMonkey 'file://' URI Information Disclosure Vulnerability
BugTraq ID: 35391
Remote: Yes
Date Published: 2009-06-11
Relevant URL: http://www.securityfocus.com/bid/35391
Summary:
Mozilla Firefox and SeaMonkey are prone to an information-disclosure vulnerability.

Attackers can exploit this issue to bypass certain security restrictions and gain access to potentially sensitive information that may aid in further attacks.

NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

37. Computer Associates ARCserve Backup Message Engine Denial of Service Vulnerability
BugTraq ID: 35396
Remote: Yes
Date Published: 2009-06-16
Relevant URL: http://www.securityfocus.com/bid/35396
Summary:
Computer Associates ARCserve Backup is prone to multiple denial-of-service vulnerabilities.

Attackers can exploit these issues to crash the affected application, denying service to legitimate users.

The following applications are affected:

CA ARCserve Backup r12.0 Windows
CA ARCserve Backup r12.0 SP 1 Windows

38. RETIRED: Sun Java Runtime Environment Aqua Look and Feel Privilege Escalation Vulnerability
BugTraq ID: 35401
Remote: Yes
Date Published: 2009-06-16
Relevant URL: http://www.securityfocus.com/bid/35401
Summary:
Sun Java Runtime Environment (JRE) is prone to a privilege-escalation vulnerability.

Successful exploits may allow attackers to execute arbitrary code with elevated privileges on affected computers.

This issue affects JRE 1.5 running on Mac OS X 10.5.

NOTE: This BID is being retied because the vulnerability was previously documented in BID 35381 (Sun Java Runtime Environment Aqua Look and Feel Privilege Escalation Vulnerability).

39. Multiple Sophos Products CAB File Scan Evasion Vulnerability
BugTraq ID: 35402
Remote: Yes
Date Published: 2009-06-16
Relevant URL: http://www.securityfocus.com/bid/35402
Summary:
Multiple Sophos products are prone to a vulnerability that may allow certain compressed archives to bypass the scan engine.

Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect.

Versions prior to the following are vulnerable:

Sophos Anti-Virus for Windows 7.6.8
Sophos Anti-Virus for Windows 4.7.23
Sophos Anti-Virus for OS X 4.9.23/7.02
Sophos Anti-Virus for Linux 6.6.3
Sophos Anti-Virus for UNIX 7.0.10
Sophos Anti-Virus for Unix 4.42.0
Sophos Anti-Virus for Netware 4.42.0
Sophos Email Appliance 3.1.4.1
Sophos Web Appliance 3.0.0
Pure Message for Unix 5.5.5

40. Multiple Browsers Cached Certificate HTTP Site Spoofing Vulnerability
BugTraq ID: 35411
Remote: Yes
Date Published: 2009-06-17
Relevant URL: http://www.securityfocus.com/bid/35411
Summary:
Multiple browsers are prone to a vulnerability that may allow attackers to spoof arbitrary HTTPS sites.

Attackers may exploit this vulnerability via a malicious webpage to spoof the origin of an HTTPS site. Successful exploits will lead to a false sensitive security since the victim is visiting a site that is assumed to be legitimate.

41. Mozilla Firefox 'nsViewManager.cpp' Denial of Service Vulnerability
BugTraq ID: 35413
Remote: Yes
Date Published: 2009-06-11
Relevant URL: http://www.securityfocus.com/bid/35413
Summary:
Mozilla Firefox is prone to a remote denial-of-service vulnerability.

Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions.

Firefox 3.0.2 through 3.0.10 are vulnerable.

42. Multiple F-PROT Products RAR/ARJ/LHA/LZH File Scan Evasion Vulnerability
BugTraq ID: 35427
Remote: Yes
Date Published: 2009-06-18
Relevant URL: http://www.securityfocus.com/bid/35427
Summary:
Multiple F-PROT products are prone to a vulnerability that may allow certain compressed archives to bypass the scan engine.

Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by VeriSign

VeriSign EV SSL Certificates for your sites' security turn the address bar in high security browsers green which helps your customers know they are safe on your site.

http://ad.doubleclick.net/clk;215510129;37701658;c

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus